Hospitals use patient data to target ads

Monday

Nov 12, 2012 at 12:01 AMNov 12, 2012 at 4:42 PM

You might not know it when you seek care from some of central Ohio's hospital systems, but your health information makes you a potential marketing target. OhioHealth and Mount Carmel Health System routinely mine health data from their patients' records to decide who should receive certain mailings.

Ben Sutherly, The Columbus Dispatch

You might not know it when you seek care from some of central Ohio’s hospital systems, but your health information makes you a potential marketing target.

OhioHealth and Mount Carmel Health System routinely mine health data from their patients’ records to decide who should receive certain mailings. The approach — sometimes called “ customer-relationship management” — has been used for six years by OhioHealth and two years by Mount Carmel. Ohio State University’s Wexner Medical Center hasn’t used it, but it plans to take another look at the tactic soon, a spokesman said.

OhioHealth has used such data to send messages to patients who are diabetic or have a history of heart disease. In other cases, officials said, the birth of a baby or a mammogram can put a patient on a list for future mailings.

Mount Carmel has turned to its patient data to send out reminders about mammograms, colorectal screenings, health fairs and seminars on joint replacement.

Some hospitals aim mailings at more-profitable patients, which they say helps cover the cost of their nonprofit mission to provide health care to people who can’t afford it. OhioHealth uses household income as a variable; Mount Carmel declined to say whether it does.Neither nonprofit health system would disclose to The Dispatch all the kinds of health data it uses to target mailings, saying such information is proprietary.

But officials with both organizations said their use of the tactics complies with health-care privacy laws, including the 1996 Health Insurance Portability and Accountability Act, known as HIPAA. And they said data are encrypted so an individual’s health data can’t be viewed by marketing officials.

“I never see any individual’s patient information,” said Laura McCoy, a vice president of marketing and communications at OhioHealth. “We’re very protective and respectful of patient data."

“That is sacred to us, to maintain that confidentiality,” said Teri Watson, Mount Carmel’s vice president of planning and marketing.

OhioHealth and Mount Carmel said the use of health and demographic data from patient records is meant to educate patients and help them manage and improve their health, all while making optimal use of limited health-care advertising dollars. At the same time, they say, such tactics are an important way to communicate with patients, especially as hospitals are increasingly expected to keep folks well instead of treating them when they’re sick.

“Our relationship with patients doesn’t stop when they walk out of our doors,” Watson said. “We want to keep them informed.”

The goal to inform patients, however, is intertwined with business motives, including a desire to increase a hospital system’s market share. McCoy acknowledged that: “We also want to grow, keep the organization healthy,” she said.

Privacy experts say the use of health data in marketing provokes a spectrum of patient responses, from indifference to anger. Some people are OK with the idea that their health information might be used for marketing, as long as the information is secure. Others say the information should be used only by their caregivers.

“They wouldn’t want (that) to be part of this scary, big database in the sky,” said Alice Leiter, a policy attorney for the Center for Democracy and Technology, a nonprofit agency whose work includes a health-privacy project. “They want to know about it and want an opportunity to consent” to the use of that data.

Patients typically can opt out of mailings by contacting their hospital.

Neither hospital system would disclose how much it spends on customer-relationship management. But it is a small fraction of the $10?million and $4.63?million that OhioHealth and Mount Carmel spent on advertising and promotion, respectively, in fiscal year 2010.

Both health systems contract with outside firms to process their patient data. Mount Carmel contracts with Medseek of Birmingham, Ala., while OhioHealth uses CPM HealthGrades in Madison, Wis., a unit of HealthGrades, of Denver. Those third-party companies also are bound by privacy laws, local hospital advertising officials said.

At T he Dispatch’s request, OhioHealth selected a sample of marketing materials that it distributes using customer-relationship management tactics. Among the materials: a flier promoting prevention and wellness events meant to raise awareness about heart and vascular disease, a brochure encouraging regular mammograms, and a letter offering a free health screening and listing locations where it is available. The letter highlights the location closest to the recipient’s home.

McCoy said OhioHealth is respectful in the language it uses, taking care not to print sensitive information on the envelope and avoiding any direct mention in its materials that the letter recipient might have a particular health condition, such as diabetes.

Mount Carmel declined to share any of its marketing materials.

Nationwide Children’s Hospital said it does not use customer-relationship management, although the hospital is a proponent of its potential. “We’re more in a watch-and-see mode,” said Donna Teach, Nationwide Children’s chief marketing and communication officer.

Using health data in marketing has become more common with the advent of electronic health records, at a time when social media are reshaping the public’s expectations of privacy. About 25 percent of U.S. hospitals use customer-relationship marketing, also called “predictive analytics,” according to Medseek.

Social-media websites such as Facebook have raised questions about privacy, in part because the information that people voluntarily post about themselves on hospital Facebook pages isn’t protected by law, said Pam Dixon, executive director of World Privacy Forum, a San Diego nonprofit organization that educates, analyzes and researches privacy matters.

And hospitals often fail to disclose that fact on their Facebook pages, she said.

“It’s open season on whatever you post.”

Nationwide Children’s learns from analytical information that Facebook aggregates, Teach said. More than 125,000 people have “liked” the site, and it’s a good place for parents of the hospital’s patients to network with other parents and access helpful information, she said.

But Teach said privacy advocates’ concerns about a lack of disclaimers don’t seem germane to her hospital. “I don’t think it’s applicable to us because we’re not harvesting clinical information,” she said.

bsutherly@dispatch.com

@BenSutherly

Never miss a story

Choose the plan that's right for you.
Digital access or digital and print delivery.